Flaw makes it possible for attackers to bypass some HTTPS protections.

Apple has patched versions of its iOS and OS X operating systems to fix yet another extremely critical cryptography vulnerability that leaves some users open to surreptitious eavesdropping. Readers are urged to install the updates immediately.

The flaw resides in the secure transport mechanism of iOS version 7.1 and earlier for iPhones and iPads and the Mountain Lion 10.8.5 and Mavericks 10.9.2 versions of Mac OS X, according to advisories here and here. The bug makes it possible to bypass HTTPS encryption protections that are designed to prevent eavesdropping and data tampering by attackers with the capability to monitor traffic sent by and received from vulnerable devices. Such "man-in-the-middle" attackers could exploit the bug by abusing the "triple handshake" carried out when secure connections are established by applications that use client certificates to authenticate end users.

"In a 'triple handshake' attack, it was possible for an attacker to establish two connections which had the same encryption keys and handshake, insert the attacker's data in one connection, and renegotiate so that the connections may be forwarded to each other," Apple's warning explained. "To prevent attacks based on this scenario, Secure Transport was changed so that, by default, a renegotiation must present the same server certificate as was presented in the original connection."

Further Reading

The patch comes three months after the disclosure of a separate serious HTTPS vulnerability dubbed "goto fail" that similarly threatened iOS and OS X Mavericks users. It wasn't fixed in OS X until four days after the bug became widely known, a delay that prompted criticism from security professionals because it potentially gave attackers a window to exploit Mavericks machines. By contrast, the triple handshake bug may be considered less severe because it affects a smaller class of applications. Still, it's a serious bug because those apps are typically used by businesses and government agencies, where security is especially sensitive. More information about triple-handshake weaknesses is available here.

The iOS and OS X updates Apple issued Tuesday, which Ars wrote about earlier here, fix a variety of other serious security vulnerabilities, some of which also affect Mac OS X Lion. Users should install them as soon as possible.

Post updated to add details about client authentication.

Promoted Comments

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

I'm on Snow Leopard and Software Update just notified me of 'Security Update 2014-002' which requires a system restart. I don't know that these are related, but I would be surprised if they weren't.

Apple's published security notes and manual downloads page only mention the 2014-002 security update being released for Lion (OS X 10.7.5) and later versions. Software Update for my 10.6.8 Server is not showing this update. Are you sure you are running Snow Leopard (10.6.x)?

As to the question of whether Snow Leopard is affected by the triple handshake bug, it has been fixed for OS X 10.8.5 and 10.9.2 in the latest security update, but not for 10.7.5, which also got a security update at the same time. That implies the bug did not affect 10.7.5 (or Apple would have fixed it), and it is therefore likely to also not affect earlier OS X versions. More detailed analysis would be needed to confirm this.

Edit: I just noticed that Apple's security note says "This issue does not affect Mac OS X 10.7 systems and earlier.", so that pretty definitely means Snow Leopard is OK.

We need to stop kidding ourselves that the current way of implementing crypto works or just go back to telnet.Just finished reading the LibreSSL initiative writeup where they removed 90 THOUSAND lines of code...without affecting any functionality.

Here is an easy to understand writeup of what the other Apple 'gotofail' SSL issue was. I would paraphrase it by saying it was a 'typo' that broke the whole encryption scheme. BAD BAD BAD.

We need to stop kidding ourselves that the current way of implementing crypto works or just go back to telnet.Just finished reading the LibreSSL initiative writeup where they removed 90 THOUSAND lines of code...without affecting any functionality.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

Ah, so this isn't new-new. Though the patch is new. That explains why OSX and iOS are getting patched together.

Apple has issued no advisories saying it is. The company doesn't answer reporters' or users' questions concerning security, so there's no way to get a statement affirming Snow Leopard is immune.

If it's so easy to exploit, why not test it, or find a professional who can.

And why is it every time the story involve Apple the wording is always just a little more dire, a little more hurry-up and fix it before we all die; while massive security issues with Android continue to reside on millions of devices get barely a mention.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

Would it be possible to get a write up as to how that works? A full quarter of advance notice for their competitors seems quite suspect at first blush.

Apple has issued no advisories saying it is. The company doesn't answer reporters' or users' questions concerning security, so there's no way to get a statement affirming Snow Leopard is immune.

If it's so easy to exploit, why not test it, or find a professional who can.

And why is it every time the story involve Apple the wording is always just a little more dire, a little more hurry-up and fix it before we all die; while massive security issues with Android continue to reside on millions of devices get barely a mention.

I write 325+ articles per year, most involving serious vulnerabilities in a host of products. If you read a valid sample of my past coverage, I think you'll find I'm equally tough on all products and platforms I write about, not just those from Apple. My headlines concerning Heartbleed, for example, have frequently used "catastrophic" and similarly dire descriptions.

Thank you! Linked and shared. I'm trying to get my Mac and iOS using friends to take security seriously. Stuff like this helps keep them on their toes and dispell the myths that OSX/iOS is flawless from a security standpoint.

Also, I'm training/mentoring two Mac users (one in college, one recent grad), and knowing how sometimes small companies use anyone semi-tech literate as a replacement for actual IT or professional help? Its good for them to see.

Apple has issued no advisories saying it is. The company doesn't answer reporters' or users' questions concerning security, so there's no way to get a statement affirming Snow Leopard is immune.

If the bug/fix is in the opensource repository, it should be (eventually) clear if the bug was present back in that era. Until then, the only way would be for someone to try to create a test bed and see what SL does.

Apple has issued no advisories saying it is. The company doesn't answer reporters' or users' questions concerning security, so there's no way to get a statement affirming Snow Leopard is immune.

If it's so easy to exploit, why not test it, or find a professional who can.

And why is it every time the story involve Apple the wording is always just a little more dire, a little more hurry-up and fix it before we all die; while massive security issues with Android continue to reside on millions of devices get barely a mention.

Because: The Children!

p.s. And Dan, as the owner of one of the affected TC5 units and other Apple gear, I don't find there to be a bias in your writing and I am appreciative of the info you convey ... pls keep up the good work!

... to fix yet another extremely critical cryptography vulnerability that leaves some users open to surreptitious eavesdropping. Readers are urged to install the updates immediately.

I'd suggest the author to save this as a snippet.

I have a feeling the companies are wising up and revisiting their security code to prevent another idiotic massive bug, so we're going to hear a lot of security updates fixing critical and stupid bugs this year.

I know coding is hard but at least people are paying attention now, at least I hope so.

I don't know whether to feel good that this has been fixed or bad that it existed in the first place, for so long, and that there are probably other equally critical flaws that aren't yet discovered or reported.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Could be as simple as the method works slightly differently on Apple's OSes, so they initially thought Apple wasn't vulnerable, then in further testing found the slight tweak where Apple is vulnerable, then told Apple.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Could be as simple as the method works slightly differently on Apple's OSes, so they initially thought Apple wasn't vulnerable, then in further testing found the slight tweak where Apple is vulnerable, then told Apple.

Shouldn't it be up to Apple to determine that? It is not going to harm anybody if Apple said they weren't vulnerable, at least the information will be up to date and more accurate for the reporter of the exploit.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Could be as simple as the method works slightly differently on Apple's OSes, so they initially thought Apple wasn't vulnerable, then in further testing found the slight tweak where Apple is vulnerable, then told Apple.

Shouldn't it be up to Apple to determine that? It is not going to harm anybody if Apple said they weren't vulnerable, at least the information will be up to date and more accurate for the reporter of the exploit.

I thought what they do is report exploits first to only the developer of the vulnerable software, not simply to anyone who makes an OS.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Could be as simple as the method works slightly differently on Apple's OSes, so they initially thought Apple wasn't vulnerable, then in further testing found the slight tweak where Apple is vulnerable, then told Apple.

Shouldn't it be up to Apple to determine that? It is not going to harm anybody if Apple said they weren't vulnerable, at least the information will be up to date and more accurate for the reporter of the exploit.

I thought what they do is report exploits first to only the developer of the vulnerable software, not simply to anyone who makes an OS.

So, Mozilla, Google, and Microsoft was the original developers? It doesn't sound right.

I'm on Snow Leopard and Software Update just notified me of 'Security Update 2014-002' which requires a system restart. I don't know that these are related, but I would be surprised if they weren't.

Apple's published security notes and manual downloads page only mention the 2014-002 security update being released for Lion (OS X 10.7.5) and later versions. Software Update for my 10.6.8 Server is not showing this update. Are you sure you are running Snow Leopard (10.6.x)?

As to the question of whether Snow Leopard is affected by the triple handshake bug, it has been fixed for OS X 10.8.5 and 10.9.2 in the latest security update, but not for 10.7.5, which also got a security update at the same time. That implies the bug did not affect 10.7.5 (or Apple would have fixed it), and it is therefore likely to also not affect earlier OS X versions. More detailed analysis would be needed to confirm this.

Edit: I just noticed that Apple's security note says "This issue does not affect Mac OS X 10.7 systems and earlier.", so that pretty definitely means Snow Leopard is OK.

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

What The Fuck!

Why wasn't Apple told in October? >:(

Good question, why wasn't Apple told at the same time of those other companies?

Could be as simple as the method works slightly differently on Apple's OSes, so they initially thought Apple wasn't vulnerable, then in further testing found the slight tweak where Apple is vulnerable, then told Apple.

Shouldn't it be up to Apple to determine that? It is not going to harm anybody if Apple said they weren't vulnerable, at least the information will be up to date and more accurate for the reporter of the exploit.

Good to know that Ars' extremely unbiased and trustworthy Security Editor noted that other platforms were affected by similar bugs in his original article. Rather than relying on his colleagues to correct his complete incompetence.

Bravo!

Well, I don't see an issue with Dan's reply - that being said, out of curiosity what alternative option would you suggest?

Worth noting that Apple wasn't the only one hit by this issue, and that Google, Mozilla, and Microsoft have all issued fixes of their own. Apple looks like it was one of the last vendors to be notified (Google and Microsoft were both told in October last year; Apple not until January this year).

I'm from New Zealand. If you say triple handshake to a kiwi, we immediately remember October 2011, when our prime minister John Key attempted a triple handshake in front of 61,000 people (it didn't turn out very well).